|
|
|
|
|
|
by null_content
2668 days ago
|
|
|
> Even back in the 90's Mysql was able to hide the CLI supplied password from the process list. It would be cool if oathtool was able to do the same. This has always been a brittle and not easily portable approach. And doesn't protect you from an attacker doing something much simpler: reading your .bash_history file. Passing passwords as arguments has always been a bad idea. |
|
|